đľď¸Spot the Threat
Explain what vishing is as if you were warning a colleague who doesnât know much about cybersecurity.
Vishing is when scammers call pretending to be a trusted source like your bank or HR to get personal info. For example, someone might say your account has suspicious activity and ask for your PIN. Never give sensitive data over the phone.
Walk us through how a DDoS attack actually brings a website down.
Attackers use a network of infected devices (botnets) to flood a server with traffic. The server gets overwhelmed, slows down, or crashes, making the site unavailable to real users.
Your coworker gets a text asking to âverify their bank account.â What would you advise them to do?
Iâd tell them not to click or reply, and to contact the bank directly using an official number. Legitimate institutions never ask for info by text.
Whatâs one simple daily habit that reduces your risk of cyberattacks?
Always verify links before clicking, use strong passwords, and avoid connecting to unsecured Wi-Fi.
How does a virus differ from a Trojan?
A virus attaches to legitimate files and spreads when those files are opened. A Trojan disguises itself as legitimate software to trick users into installing it
How would you explain a data breach to a non-technical friend?
Itâs when someone gets unauthorized access to private data â like emails, credit card numbers, or passwords. Itâs like a thief breaking into a digital vault and stealing sensitive info.
Why are insider threats often harder to detect than external attacks?
Insiders already have access, so their actions donât always raise alarms. It can be intentional or accidental, but it often blends in with normal activity.
You see unusual traffic on your companyâs network. Whatâs your first step?
First, alert the security or IT team, isolate affected systems if needed, and start investigating logs to identify the source.
Explain why 2FA is more effective than passwords alone.
Even if someone steals your password, they canât log in without the second factor, like a code or authentication app.
Explain how spyware could be used to steal sensitive data from a developerâs laptop.
Spyware runs silently in the background, recording keystrokes, passwords, and activity. It can steal credentials, code, or project data.
Smishing is less known than phishing. Why do you think it can be more dangerous?
People usually trust text messages more than emails. Phones donât have spam filters like email, so users are more likely to click on malicious links
Describe how a hacker could use phishing to steal login credentials.
They send a fake email pretending to be a trusted source. The email has a link to a fake login page. Once the victim enters their credentials, the hacker captures them.
A ransomware message appears on your screen. What immediate actions should your team take?
Disconnect from the network, alert IT/security, donât pay the ransom, and start incident response protocols to contain and restore from backups.
Propose three security measures your company could implement to reduce phishing risks.
1. Regular security training, 2. Email filtering tools, 3. Multi-factor authentication. These lower the chances of successful attacks.
How do botnets amplify the impact of cyberattacks?
Because it can contain hidden malware, collect user behavior, or redirect to malicious sites. Itâs a doorway to bigger attacks.
Give one real-life example (personal or hypothetical) of a whaling attack.
Letâs say the CEO receives an email that looks like itâs from the companyâs lawyer asking to approve a confidential payment. Itâs personalized and urgent â designed to trick high-level executives.
What makes a man-in-the-middle attack so dangerous?
Because the victim doesnât notice anything unusual â the attacker secretly intercepts and alters communication between two parties in real time.
If your team fell for a phishing scam, what could be the short-term and long-term consequences?
Short-term: stolen data or downtime. Long-term: financial loss, damaged reputation, legal issues, and loss of client trust.
If you could implement one cultural shift in your team to strengthen cybersecurity, what would it be and why?
âIâd build a âreport first, blame neverâ culture. If people feel safe reporting suspicious activity fast, we can respond quicker and minimize damage.â
Imagine youâre explaining ransomware to your companyâs leadership team. How would you make them understand the severity and impact?
Iâd explain that ransomware can lock all company data, disrupt operations for days or weeks, and cost millions. Prevention and backups are essential because recovery isnât guaranteed.
If your CEO receives a phishing email, what red flags should they notice?
Look for suspicious sender addresses, spelling errors, urgency, requests for personal data, or links that donât match official domains. Always verify before clicking.
Explain why SQL injection remains a common vulnerability â and what could be done to prevent it.
Many systems donât properly validate user input. Hackers inject malicious SQL commands to access or manipulate data. Using parameterized queries and input validation can prevent it.